This is okay for an ACK, but some of it will get changed in a future revision. Please avoid mapping to anything in the "general principles" section.
This is simply text describing the general principles which drove the creation of much of the guidance, and is abstract in nature. The point of this mapping is to show something concrete in the "Rules Mapped" column.
When we had mapped to a Group for some of the OS SRG items (such as for CCI-001589), this was because the prose there was providing a factual description of the (audit) system's capabilities; the actual point is that the product met the requirements; we were just providing the Group description as evidence of this.
On 06/21/2012 05:18 PM, Willy Santos wrote:
More CCI Mappings.
Willy Santos (5): Mapped CCI-000381 to principle-minimize-software Mapped CCI-000382 to principle-minimize-software Mapped CCI-000776 to sshd_allow_only_protocol2 Mapped CCI-000774 to sshd_allow_only_protocol2 Mapped CCI-000872 to met_inherently
rhel6/src/input/auxiliary/srg_support.xml | 2 +- rhel6/src/input/intro/intro.xml | 1 + rhel6/src/input/services/ssh.xml | 1 + 3 files changed, 3 insertions(+), 1 deletions(-)